AI Security Review
scanned 2h ago · by lpm-firewall-aiThe postinstall hook provisions a platform-specific Depot binary when its optional dependency is missing. It only targets the package's own binary paths and registry package names; no confirmed malicious attack surface is established.
Decision evidence
public snapshot- `package.json` runs `install.js` via `postinstall`.
- `install.js` falls back to npm install or an npm-registry tarball for its own platform package.
- `install.js` writes and executes the selected Depot binary shim.
- Fallback downloads only `@depot/cli-*` packages at the matching package version.
- Network target is the package-aligned `registry.npmjs.org` registry.
- Environment reads are limited to `DEPOT_BINARY_PATH` and npm/Yarn detection.
- No credential harvesting, exfiltration, eval/vm, AI-agent config writes, or foreign persistence found.
- `bin/depot` and `lib/main.js` only resolve and invoke the selected Depot binary.
Source & flagged code
7 flagged · loading sourcePackage defines install-time lifecycle scripts.
package.jsonView on unpkgInstall-time lifecycle script is not statically allowlisted and needs review.
package.jsonView on unpkgA single source file combines environment access, network access, and code or shell execution; review context before blocking.
install.jsView on unpkg · L25Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
install.jsView on unpkg · L25Package source invokes a package manager install command at runtime.
install.jsView on unpkg · L172Package source references dynamic require/import behavior.
install.jsView on unpkg · L25